MONTE CARLO, Monaco – The reinsurance market for cyber liability insurance is stable but unlikely to grow significantly until more sophisticated underwriting tools are developed to assess the risks, reinsurance executives say.
While the world’s largest reinsurers plan to maintain their levels of cyber reinsurance premiums, they say better computer models are needed to measure exposures.
Cyber models are also needed to develop coverage triggers that can attract capital market investment in the sector, they said during presentations and meetings at the Rendez-Vous de Septembre reinsurance meeting in Monte Carlo earlier this month.
In 2021, the global cyber insurance market premium was close to $10 billion and by 2025 the market should grow to more than $20 billion as the world becomes more dependent on digital processes, says Torsten Jeworrek, Chairman of Munich Re’s Reinsurance Committee.
“The demand is there. … If our industry would not have an ambition to find ways through insurance products and with services to meet this demand, then we could lose relevance,” he said.
However, recent loss experience has led to a reduction in insurance capacity and increased rates, with cyber liability in the US, the world’s largest cyber market, increasing by about 80% since 2020, Jeworrek said.
Munich Re recorded $1.4 billion in cyber liability premiums in 2021, representing a market share of about 14%, he said. Its cyber assurance record “over the years has been very good,” he said.
SCOR SE’s cyber premium is about $200 million, a relatively small percentage of its total premium of $9 billion, said Laurent Rousseau, CEO of the Paris-based reinsurer.
“The main reason for this lack of development has been uncertainty about what is our accumulation,” he said.
Reinsurers are unsure of likely maximum loss estimates because cyber risk is evolving so quickly, Rousseau said.
The cyber liability insurance market could be as large as the property insurance market by 2040, but it is a difficult peril to underwrite due to the lack of historical loss data, said Thierry Léger, group head of insurance at Swiss Re Ltd.
“Nobody wants to share if they’ve been hacked, so we’re really struggling to get good data,” he said.
But over time, and as large losses occur, reinsurers will be able to develop cyber guarantees, Léger said.
Hannover Re SE has about $550 million in cyber premium volume, says Silke Sehma, a member of the reinsurance company’s board.
“In the future we will be able to grow some, but for now we are fine with what we have,” she said.
Demand for cyber reinsurance has increased as commercial and personal insurers increase their cyber premiums, said David Priebe, New York-based chairman of Guy Carpenter & Co. LLC.
“One of the things we will continue to work on is how we develop more capabilities for cyber. One of the keys to unlocking that is having a greater understanding of modeling systemic cyber risk,” he said.
Improved modeling would also give capital markets investors more confidence in cyber risk assessment and provide more capacity via insurance-linked securities, he said.
Verisk Analytics Inc. has been modeling cyber risk for about five years, said Jay Guin, Boston-based vice president and director of research for extreme event solutions at the disaster modeling company.
“It’s different from nat cat because of the human element, so the models have to be updated more often, and we have to be more adaptable when it comes to dealing with cyber,” he said.
Verisk decided earlier this year not to invest further in cyber models until the insurance market for the exposure stabilizes, Mr. Guin.
“Right now the market is quite chaotic, because there are a lot of companies reducing exposure or excluding exposure, so we have made a decision to observe for a while,” he said.
Denexus Inc. is testing a cyber risk quantification tool for the renewable energy sector, said Jose Seara, CEO of the Sausalito, Calif.-based cyber risk firm.
The company has been collecting cyber risk data from a group of energy companies since 2020 and is working with insurers, reinsurers and ILS providers to build probabilistic models, he said.
The company uses a cloud-based system, which incorporates blockchain technology, to enable the parties to securely share information about the risks, Mr Seara said.